[cap-talk] A paper on web-keys
ken
ken at sipantic.net
Fri Jan 18 11:32:36 EST 2008
James A. Donald wrote:
> administrators losing control - and end users gaining control.
And this is THE serious long term limitation in present IBAC approach. Case
by case this limit on SOA/Mashup will be avoided. Caja is one good way to
go.
k
Ken at sipantic.net
-----Original Message-----
From: cap-talk-bounces at mail.eros-os.org
[mailto:cap-talk-bounces at mail.eros-os.org] On Behalf Of James A. Donald
Sent: Friday, January 18, 2008 4:20 AM
To: General discussions concerning capability systems.
Subject: Re: [cap-talk] A paper on web-keys
Tyler Close wrote:
> One of the WWW 2008 reviewers of this paper wrote:
>
> "Capabilities are *always* easier to implement, and
> the tradeoff is *always* about giving up control."
>
> What is the canonical paper to critique in order to
> rebut the "giving up control" argument? Which paper
> had so much influence that people like the reviewer
> believe this fiction to the point of using star
> quotes?
In an actually useful implementation, one that takes
advantage of the ways in which capabilities differ from
ACLs, rather than trying to implement ACLs in
capabilities, capabilities *will* result in
administrators losing control - and end users gaining
control.
Of course one could use capabilities to implement
something that acts exactly like an ACL system, and in
this sense, capabilities do not involve giving up
control, but one would have to be damned stupid to use
capabilities for such a purpose. If it is going to work
like an ACL, make it an ACL.
_______________________________________________
cap-talk mailing list
cap-talk at mail.eros-os.org
http://www.eros-os.org/mailman/listinfo/cap-talk
More information about the cap-talk
mailing list